lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0602111847110.4723@localhost.localdomain>
Date: Sat Feb 11 23:52:17 2006
From: gboyce at badbelly.com (gboyce)
Subject: blocking Google Desktop

On Sun, 12 Feb 2006, Nick FitzGerald wrote:

> Go to HR, explain that the new security policy about not running Google
> Desktop is make-or-break and explain why.  To achieve this you may need
> higher-level management buy-in, so hopefully you can threaten exposure
> under HIPAA, Sarbanes-Oxley or some such _IF_ the policy is ever
> breached.  Make it a matter of "if our IDS sees traffic from your
> machine to desktop.google.com (or whatever) its an automatic HR
> warning", and then let your standard (two, three, whatever strikes and
> you're out) HR policy deal with enforcement.

Yes.  And one of the prerequisites to this is the ability to monitor and 
detect this type of traffic.

Which was the reason for my response to J.A.'s e-mail.

--
Greg Boyce

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ